nexposecli 0.1.10 → 0.1.11
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +8 -0
- data/bin/nexposecli +45 -1
- data/lib/nexposecli/version.rb +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 968b4f2a9521ee6815e540d307b61cf5b2f76353
|
|
4
|
+
data.tar.gz: 0c4371aada7b56260ca163b473b491c5f1a7cb52
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: a623ecd594aee77b8f60b8be9d58a31aa2d258f2aae88b8d344529216f38bc2ef6de6cd7d348c9c3f49ac194709a3e9b0f66183ed42d826d6230bd021e2f4e9e
|
|
7
|
+
data.tar.gz: fc4cf08730ce9a7432ef3a5840b064dd1d2ea2984b9b24be86244d0cface69b31ca08777e5a22ed959b31e7c775c0061bfe4a2dc98fe541afb1901b54c23b25d
|
data/README.md
CHANGED
|
@@ -16,6 +16,14 @@ or an example of running a query to list all active scans
|
|
|
16
16
|
|
|
17
17
|
nexposecli --config ./lab.yaml --list --SCAN
|
|
18
18
|
|
|
19
|
+
how to run an adhoc sql query and export via csv
|
|
20
|
+
|
|
21
|
+
nexposecli --run --QUERY --config ./lab.yaml --logpath --sql "select * from dim_asset"
|
|
22
|
+
|
|
23
|
+
or for more complex sql queries, put the sql into a file and run
|
|
24
|
+
|
|
25
|
+
nexposecli --run --QUERY --config ./lab.yaml --sqlfile ./new_assets.sql
|
|
26
|
+
|
|
19
27
|
how to list all reports defined
|
|
20
28
|
|
|
21
29
|
nexposecli --config ./lab.yaml --list --REPORT
|
data/bin/nexposecli
CHANGED
|
@@ -360,6 +360,9 @@ ARGS = %q{
|
|
|
360
360
|
desc : The COMMAND target is only used in conjunction with the --run action
|
|
361
361
|
required : true
|
|
362
362
|
|
|
363
|
+
- name : QUERY
|
|
364
|
+
desc : The QUERY target is only used in conjunction with the --run action
|
|
365
|
+
|
|
363
366
|
- comment : EVM Action Argument Values
|
|
364
367
|
|
|
365
368
|
- name : host
|
|
@@ -427,6 +430,14 @@ ARGS = %q{
|
|
|
427
430
|
desc : The subaction to be performed within the target action
|
|
428
431
|
required : true
|
|
429
432
|
|
|
433
|
+
- name : sql
|
|
434
|
+
desc : The sql query to be executed
|
|
435
|
+
required : true
|
|
436
|
+
|
|
437
|
+
- name : sqlfile
|
|
438
|
+
desc : The file containing the sql query to be executed
|
|
439
|
+
required : true
|
|
440
|
+
|
|
430
441
|
- name : attempts
|
|
431
442
|
desc : The max number of attempts for iterative actions
|
|
432
443
|
required : true
|
|
@@ -532,8 +543,9 @@ uputs("TARGET", "Checking for the requested target")
|
|
|
532
543
|
@target |= 2048 if args.CONSOLE
|
|
533
544
|
@target |= 4096 if args.TEMPLATE
|
|
534
545
|
@target |= 8192 if args.ROLE
|
|
546
|
+
@target |= 16384 if args.QUERY
|
|
535
547
|
uputs("TARGET", "The requested target value is: #{@target.to_s}")
|
|
536
|
-
raise "You can only submit one target per task, see --help (#{@target})" unless [1,2,4,8,16,32,64,128,256,512,1024,2048,4096,8192].include?(@target)
|
|
548
|
+
raise "You can only submit one target per task, see --help (#{@target})" unless [1,2,4,8,16,32,64,128,256,512,1024,2048,4096,8192,16384].include?(@target)
|
|
537
549
|
|
|
538
550
|
# nsc conn vars
|
|
539
551
|
unless (
|
|
@@ -1703,6 +1715,38 @@ when 8192 # TARGET ROLE
|
|
|
1703
1715
|
uputs("ACTION", 'The action requested is not implemented for target: ROLE')
|
|
1704
1716
|
puts 'The action requested is not implemented for target: ROLE'
|
|
1705
1717
|
end
|
|
1718
|
+
when 16384 # TARGET QUERY
|
|
1719
|
+
case @action
|
|
1720
|
+
when 32 # run
|
|
1721
|
+
uputs("ACTION", 'run QUERY action requested')
|
|
1722
|
+
|
|
1723
|
+
# Read desired sql from cli arg or file, with preference to sql arg
|
|
1724
|
+
sql = ""
|
|
1725
|
+
# EJGNOW
|
|
1726
|
+
if args.sql
|
|
1727
|
+
sql = args.sql
|
|
1728
|
+
elsif args.sqlfile
|
|
1729
|
+
if File.file?(args.sqlfile)
|
|
1730
|
+
sql = File.read(args.sqlfile)
|
|
1731
|
+
end
|
|
1732
|
+
else
|
|
1733
|
+
STDERR.puts "ERROR [ sql query is empty ]"
|
|
1734
|
+
exit(-1)
|
|
1735
|
+
end
|
|
1736
|
+
uputs("QUERY", "\nRunning [#{sql}]")
|
|
1737
|
+
|
|
1738
|
+
sql_config = Nexpose::AdhocReportConfig.new(nil, 'sql')
|
|
1739
|
+
sql_config.add_filter('version', '2.0.1')
|
|
1740
|
+
sql_config.add_filter('query', sql)
|
|
1741
|
+
|
|
1742
|
+
sql_output = sql_config.generate(@nsc)
|
|
1743
|
+
csv_output = CSV.parse(sql_output.chomp, { :headers => :first_row})
|
|
1744
|
+
|
|
1745
|
+
puts csv_output
|
|
1746
|
+
else
|
|
1747
|
+
uputs("ACTION", 'The action requested is not implemented for target: COMMAND')
|
|
1748
|
+
puts 'The action requested is not implemented for target: COMMAND'
|
|
1749
|
+
end
|
|
1706
1750
|
else
|
|
1707
1751
|
# there is no default target
|
|
1708
1752
|
uputs("ACTION", 'No default action requested')
|
data/lib/nexposecli/version.rb
CHANGED